Last Updated: 24 March 2025
Mallon Associates International Limited (“we”, “our”, “us”) is committed to protecting and respecting your privacy. This Privacy Policy outlines how we collect, use, store, share and protect your personal information, and explains your rights under the UK General Data Protection Regulation (UK GDPR).
1. Who We Are
Mallon Associates International Limited is a company registered in the United Kingdom. We provide training and certification services, and in doing so, we collect and process personal data. We act as a Data Controller for the purposes of the UK GDPR.
2. How We Collect Data
We collect data in the following ways through our website:
Mailing List Subscription
When you subscribe to our mailing list, we collect your email address.
Contact Form
When you contact us through our website, we collect:
- Your name
- Your email address
- The subject of your enquiry
- The content of your message
Certification Voucher Purchase
When you purchase a certification voucher through our third-party provider (Stripe), we collect:
- Your name
- Your email address
- Your billing address
- Payment information (processed and stored by Stripe, not us)
3. Certification Programmes
We provide certification services in collaboration with third parties. These programmes involve:
- Data collection: name, email address, and address
- Data generation: test scores, certification results, certification IDs
These details are used to issue certifications and may be shared as necessary with the relevant parties (e.g. Stripe, TestInvite, 3forge).
4. Third-Party Providers
We work with the following third-party providers:
- Stripe – Payment processing
Stores: name, email, billing address, payment info
Privacy Policy: https://stripe.com/privacy - TestInvite – Online testing platform
Stores: name, email, test scores, certification status
Privacy Policy: https://stripe.com/gb/privacy - 3forge – Certification programme partner
May receive: certification status, name, email, and relevant programme data
Privacy Policy: https://3forge.com/privacy-policy
We only share data with third parties as necessary to provide our services, and all providers are contractually required to comply with applicable data protection laws.
5. Public Certification Verification
We may make certain certification details publicly available to verify achievement. This may include:
- Full name
- Certification ID
- Email address (for lookup purposes)
- Certification name
- Date of certification
- Expiry date
This data may be accessible via a public web page for verification purposes.
6. Marketing & Communications
We may use your email address and certification history to:
- Contact you about similar or related certification, training, or consultancy services
- Share updates about our offerings
We may also permit our third-party partners (e.g., Stripe, TestInvite, 3forge) to contact you regarding related services.
You can opt out of marketing communications at any time by following the unsubscribe link in our emails or by contacting us directly.
7. Legal Basis for Processing
We process your data under the following lawful bases:
- Contractual necessity – to deliver certification and related services
- Consent – for mailing list and marketing communications
- Legitimate interests – to improve our services and maintain certification records
- Legal obligations – where required by law
8. How Long We Keep Your Data
We retain personal data only for as long as necessary to:
- Provide our services
- Fulfil legal and regulatory requirements
- Maintain certification verification records
If you request data deletion (where applicable), we will comply unless we have a legal obligation or overriding legitimate interest to retain it.
9. Your Rights
Under the UK GDPR, you have the right to:
- Access your personal data
- Rectify incorrect or incomplete data
- Request erasure (“right to be forgotten”)
- Restrict or object to processing
- Data portability
- Withdraw consent at any time (where consent is the lawful basis)
- Lodge a complaint with the UK Information Commissioner’s Office (ICO)
To exercise any of these rights, please contact us at:
privacy@mallonassociates.com
10. Data Security
We take data security seriously and implement appropriate technical and organisational measures to protect your data from unauthorised access, loss or disclosure.
11. International Transfers
As we and our providers are based in the UK and elsewhere, your data may be transferred outside the UK or EEA. In such cases, we ensure that appropriate safeguards are in place, such as Standard Contractual Clauses or adequacy decisions.
12. Changes to This Policy
We may update this Privacy Policy from time to time. The latest version will always be available on our website. Significant changes will be communicated where appropriate.
13. Contact Us
For any questions or concerns regarding this Privacy Policy or how your data is handled, please contact:
Mallon Associates International Limited
privacy@mallonassociates.com
Brunel House, 15th Floor, 2 Fitzalan Road, Cardiff, Wales, CF24 0EB